SUSE CVE-2008-1218

Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skippasswordcheck field t...

FreeBSD : dovecot -- security hole in blocking passdbs (b39bdc06-ee42-11dc-8678-00a0cce0781e)

Dovecot reports : Security hole in blocking passdbs MySQL always. PAM, passwd and shadow if blocking=yes where user could specify extra fields in the password. The main problem here is when specifying 'skippasswordcheck' introduced in v1.0.11 for fixing master user logins, allowing the user to lo...

DEBIAN-CVE-2008-1218

Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skippasswordcheck field t...

CVE-2008-1218

Argument injection vulnerability in Dovecot 1.0.x before 1.0.13, and 1.1.x before 1.1.rc3, when using blocking passdbs, allows remote attackers to bypass the password check via a password containing TAB characters, which are treated as argument delimiters that enable the skippasswordcheck field t...

dovecot -- security hole in blocking passdbs

Dovecot reports: Security hole in blocking passdbs MySQL always. PAM, passwd and shadow if blocking=yes where user could specify extra fields in the password. The main problem here is when specifying "skippasswordcheck" introduced in v1.0.11 for fixing master user logins, allowing the user to log...